9 cybersecurity tips for staff working remotely
In the current climate, companies have followed rules on “social distancing” and setting up their employees to work from home. Remote working is a great solution for most but without proper security measures in place, employees could leave their company open to cyber attacks.
In this blog, we share tips to help you navigate your remote working journey and keep you safe online!
What are the online threats to remote workers?
Before we dive head-first into the tips, let’s outline some of the online threats that remote workers should know about.
- Unsecure Wifi networks: Most workers will work from home where they can secure their wifi. However, some may need to use unsecured public wifi (cafe, trains), a hot spot for cybercriminals to lurk and gain unauthorized access to sensitive information.
- Using personal device and networks: Some workers may have no choice but to use of personal networks and devices. These will most likely lack the level of security (anti-virus, firewalls etc) your office devices/network. This increases the risk of malware finding its way onto devices and both personal information and work-related sensitive data being leaked.
- Phishing: The number of phishing attacks has already increased during the pandemic, so it is safe to assume we will likely see an increase in malicious campaigns targeting remote workers.
Remote working tips for staying cyber-safe
It’s also worth checking with your employer to see if they have any protocols or a remote working policy in place. If not, here are some simple steps you can take to protect yourself while working from home:
Use strong password protection
Make sure your accounts are protected by using strong passwords and never use the same password twice. It only takes one compromised password for someone to gain access to all of your accounts.
It’s near impossible to think of and remember strong and unique passwords for every account your make, you could have hundreds. This is where password managers come in handy. A password manager can generate and store all your passwords without you ever needing to remember them yourself.
MyGlue and LastPass are two good examples to use!
Enable multi-factor authentication (MFA)
Even if you follow best practice with passwords, passwords themselves are a constant risk and may eventually be cracked. To eliminate this security risk, turn on Multi-Factor Authentication (MFA) for you and your colleagues.
MFA is a security process that requires the user to provide more than one method of authentication to verify themselves for a login or other transaction. Only granting access only after successfully presenting two or more pieces of evidence to an authentication mechanism. Read more about Multi-Factor Authentication here!
Use a VPN
A VPN isn’t just used to get around geographically restricted content, it is also good at increasing online privacy. When you connect your computer, smartphone or tablet to a VPN (Virtual Private Network), the computer acts as if it’s on the same local network as the VPN.
But be careful which VPN to trust, not all of them are nice! Some could leave your device riddled with Malware. If you’d like some advice on which VPN is right for you, check out VPN Ratings post for advice.
Set up firewalls
Firewalls act as a line defence to prevent threats from entering your computer system. They create a barrier between your device and the internet by closing ports to communication. This can help prevent malicious programs from entering and can stop data leaking from your device.
Your device’s operating system will usually have some form of a built-in firewall, just make sure that yours are enabled!
Activate antivirus software
Although a firewall can help, it’s inevitable that threats can get through. Good antivirus software can act as the next line of defence by detecting and blocking known malware (malicious software).
Even if malware does manage to find its way onto your device, an antivirus may be able to detect and in some cases remove it.
Keep on top of install updates
Updates for device software can be annoying and often pop-up right when we’re in the middle of something, but they are highly important! Updates often include patches for security vulnerabilities, meaning if you don’t update you are leaving yourself open to cyber threats.
Most of the time, you can set updates to run automatically during your downtime – when you’re sleeping or over the weekend.
Back up all of your data
Human error, physical damage to hardware, or a cyberattack can all lead to the loss of important business data. Ransomware and other types of malware can wipe entire systems. One of the safest and cost-effective ways to store your data is in the cloud.
If your business isn’t operating on a cloud-based system yet, now is a great excuse to start. Not only is it more secure than a physical server, but it also gives you and your colleagues the opportunity to work on files from anywhere, at the same time.
Be on the lookout for Phishing
Phishing emails, voicemails (vishing), and text messages (smishing) are used to “phish” for information. They are often used in social engineering campaigns to use information criminals can learn from your social accounts to gain access to a mailbox and, from there, send unsolicited emails on behalf of the unwitting victim.
Whilst phishing has evolved to use complex techniques, there are a couple of key indicators which, if you learn and keep in mind, you can drastically reduce your chances of being phished. Here’s a couple of our favourites!
Leaving your device? Lock it
Last but not least, locking your machine is a basic but easy-to-forget step. Even if you are stepping away for a second, make locking your device part of your routine before leaving the desk. This will be beneficial when returning to the office. It’s a simple part of security that will pay off!
If your business is looking for cyber security support for remote working, get in touch, we would love to hear from you!
In summary, the landscape of remote work offers unparalleled flexibility and convenience, but it's not without its risks. Understanding and mitigating these risks is crucial for safeguarding sensitive information and maintaining productivity. From unsecured Wi-Fi networks to sophisticated phishing attempts, remote workers face a myriad of online threats.
However, by implementing simple yet effective cybersecurity measures, remote workers can significantly enhance their defences. Strong password protection, multi-factor authentication, VPN usage, firewalls, antivirus software, and regular software updates form the foundation of a robust cybersecurity posture. Additionally, backing up data, remaining vigilant against phishing attempts, and adopting simple habits like locking devices when stepping away further bolster security.
As the remote work landscape continues to evolve, staying informed and proactive is essential. By prioritizing cybersecurity and adhering to best practices, remote workers can navigate the digital realm with confidence, ensuring both personal and professional data remains secure.